<?php

require 'facebook.php';
require 'config.inc.php';

// Create our Application instance (replace this with your appId and secret).
$facebook = new Facebook(array(
  'appId'  => $fbconfig['app_id'],
  'secret' => $fbconfig['secret_key'],
  'cookie' => true,
));

$session = $facebook->getSession();
$me = null;
// Session based API call.
if ($session) {
  try {
    $uid = $facebook->getUser();
  } catch (FacebookApiException $e) {
    echo "Somethings wrong";
  }
}

$id = $_POST["uid"];
$access_token = $_POST["access_token"];
$groupid= $_POST["xid"];
$group_name= $_POST["x"];



/*
try{
	$fql    =   'SELECT uid FROM user WHERE uid in (select uid2 from friend where uid1='.$id.')';
	$param  =   array(
		'method'    => 'fql.query',
		'query'     => $fql,
		'callback'  => ''
	);
	$result   =   $facebook->api($param);
}catch(Exception $o){
	echo($o);
}
//echo "done";
//echo print_r($result);

$i=0;$txt="";
for(;$i<sizeof($result)-1;$i++)
{
	$txt= $txt.$result[$i]["uid"].',';
}
$txt= $txt.$result[$i]["uid"];

*/

$con = mysql_connect("localhost", "vatsav", "2T*vzcd");
if (!$con)
{
  echo ('Could not connect: ' . mysql_error());
}

$db_selected = mysql_select_db("vatsav", $con);
	if (!$db_selected) {
		echo ('Cant use db : ' . mysql_error());
}

//$result = mysql_query("SELECT * FROM users where uid=".$_POST['uid']);	
$result = mysql_query("SELECT friendid FROM members where uid=$id and groupid=$groupid union select friendid from invitations where uid=$uid and groupid=$groupid");	
// Check result
if (!$result) {
   $message  = 'Invalid query: ' . mysql_error() . "<br/>";
   echo ($message);
}
$txt="";
while($row = mysql_fetch_array($result))
{
	$txt= $txt.$row[0].',';
}

$txt.=$id;
$decoded_group_name = html_entity_decode($group_name,ENT_QUOTES,'UTF-8');

?>

<fb:serverfbml width="615">
  <script type="text/fbml">
    <fb:request-form action="http://studentweb.comminfo.rutgers.edu/2010-9-673-01/vatsav/inviteaddtodb.php?id=<?php echo $id;?>&xid=<?php echo $groupid; ?>&x=<?php echo $group_name; ?>"
                     method="POST"
                     invite="true"
                     type="<?php echo $decoded_group_name; ?> Group"
                     content="<?php echo $decoded_group_name; ?> Group Invitation">
                     <fb:multi-friend-selector showborder="false"
                                bypass="cancel"
                                actiontext="Invite Friends to <?php echo $decoded_group_name; ?> Group"
                                exclude_ids="<?php echo $txt; ?>" 
                                cols="4"
                                rows="4" 
                                showborder="true" 
                                import_external_friends="false" />
    </fb:request-form>
  </script>
</fb:serverfbml>

<!-- 
<fb:serverfbml width="500">
    <script type="text/fbml">
    <form id="friends" method="post" action="http://studentweb.comminfo.rutgers.edu/2010-9-673-01/vatsav/inviteaddtodb.php?xid=<?php echo $groupid; ?>">
    <fb:multi-friend-input include_me="true" name="friendid" exclude_ids="<?php echo $txt; ?>" include_me="false"/><br/>
    <input type="submit" value="Invite" />
  </script>
</fb:serverfbml>

-->
<?php

mysql_close($con);

?>